#set( $symbol_pound = '#' )
#set( $symbol_dollar = '$' )
#set( $symbol_escape = '\' )
package ${package}.oauth.facade.impl;

import ${package}.common.bean.vo.SecurityUser;
import ${package}.oauth.configure.YkResourceConfig;
import ${package}.oauth.facade.YkUrlPermission;
import com.google.common.collect.Sets;
import lombok.AllArgsConstructor;
import org.springframework.security.core.Authentication;
import org.springframework.stereotype.Component;

import javax.servlet.http.HttpServletRequest;
import java.util.List;
import java.util.Set;


/**
 * Description:
 *  自定义权限表达式
 *
 * @author wupanhua
 * @date 2019-09-01 22:05
 *
 * <pre>
 *              ${copyright}
 *      Copyright (c) 2019. All Rights Reserved.
 * </pre>
 */
@AllArgsConstructor
@Component("ykUrlPermission")
public class YkUrlPermissionImpl implements YkUrlPermission {

    /**
     * 安全配置文件
     */
    private final YkResourceConfig ykResourceConfig;

    @Override
    public boolean hasUrlPermission(HttpServletRequest request, Authentication authentication) {

        Object principal = authentication.getPrincipal();
        // 判断当前用户是否有权限
        if (principal instanceof SecurityUser) {
            SecurityUser securityUser = (SecurityUser) principal;
            // 检查鉴权是否已经被关闭
            if (!(ykResourceConfig.isEnableUriAuth())) {
                return securityUser.isEnabled();
            }
            List<String> permissionUri = securityUser.getPermissionUri();
            if (null != permissionUri) {
                Set<String> permissionSet = Sets.newHashSet(permissionUri.iterator());
                return permissionSet.contains(request.getRequestURI());
            }
        }
        return false;
    }

}
